The HIPAA risk analysis is the starting point for any HIPAA audit, and the most important component for achieving and maintaining HIPAA compliance. If risk analysis is such a critical part of HIPAA compliance, why is it the number one finding by the Office for Civil Rights (OCR)? Unfortunately, this means that a lot of business associates and covered entities, who are required to comply with HIPAA laws, just aren’t completing a HIPAA risk analysis.
PCI Requirement 1.5 is not only saying that your organization needs to maintain documented security policies and operational procedures; the policies and procedures needs to be known and in use by all relevant parties. Watch this episode to learn more about PCI DSS Requirement 1.5.
PCI Requirement 1.4 states, “Install personal firewall software or equivalent functionality on any portable computing devices (including company and/or employee-owned) that connect to the Internet when outside the network”. Watch this episode to learn more about PCI DSS Requirement 1.4.